You are not logged in.

#1 2008-06-22 21:09:45

Myav
Member
Registered: 2007-05-07
Posts: 58

A few questions about passwd

I was reading the man page for passwd utility and there are some not clear points for me (both --keep-tokens and --mindays doesn't work properly).

Firstly, how can I see the result of the following option? hmm

-k, --keep-tokens
Indicate password change should be performed only for expired authentication tokens (passwords). The user wishes to keep their non-expired tokens as before.

I thought that the command "passwd -k" won't have effect if my password isn't expired, but this is wrong! I can change any password with "passwd -k"!

Let's create a test user (I will type the following commands as root):

> useradd -m foo

then let's set a password for it:

> passwd foo
Enter new UNIX password: bar
Retype new UNIX password: bar
passwd: password updated successfully

To make sure that the password isn't outdated type this:

> passwd -S foo
foo P 06/23/2008 0 99999 7 -1

99999 is enough large number of days.

But the password will be changed anyway if I'll run "passwd -k" under foo (or "passwd -k foo" under root). Why? What does actually mean the -k option? How can I use it?

Secondly, there is an option to limit the period between password changes - "--mindays":

-m, --mindays MIN_DAYS
Set the minimum number of days between password changes to MIN_DAYS. A value of zero for this field indicates that the user may change his/her password at any time.

But this doesn't work!

Let's create a test user:

> useradd -m bar

with some password:

> passwd bar
Enter new UNIX password: 123
Retype new UNIX password: 123
passwd: password updated successfully

Default value of MIN_DAYS is 0, which means that user can change his/her password at any time:

> passwd -S bar
bar P 06/23/2008 0 99999 7 -1

Set the MIN_DAYS to 3 days by the following commands:

> passwd --mindays 3 bar
Password changed.
> passwd -S bar
bar P 06/23/2008 3 99999 7 -1

According to the man page, the user bar can change his password only once every three days. But this isn't true! Under bar I can change the password indefinite number of times as before!

Thanks!

Offline

#2 2008-06-22 21:31:58

lucke
Member
From: Poland
Registered: 2004-11-30
Posts: 4,018

Re: A few questions about passwd

Are you changing that bar's password as a root or as a bar user?

Offline

#3 2008-06-22 21:43:16

Myav
Member
Registered: 2007-05-07
Posts: 58

Re: A few questions about passwd

I tried that out as both bar and root.

For example here is three passwd calls:

[bar@aldan-3 sergey]$ passwd -S bar
bar P 06/23/2008 3 99999 7 -1
[bar@aldan-3 sergey]$ passwd
Changing password for bar.
(current) UNIX password: 
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
[bar@aldan-3 sergey]$ passwd
Changing password for bar.
(current) UNIX password: 
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
[bar@aldan-3 sergey]$ passwd
Changing password for bar.
(current) UNIX password: 
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully

Offline

#4 2008-06-23 06:46:01

sniffles
Member
Registered: 2008-01-23
Posts: 275

Re: A few questions about passwd

Works fine on Debian [SID] so it might be Arch-specific.

Offline

#5 2008-06-23 13:31:10

Myav
Member
Registered: 2007-05-07
Posts: 58

Re: A few questions about passwd

OK, after testing on Slax this evening, I will post a bug to the bug tracker.

Offline

#6 2008-06-23 19:43:15

Myav
Member
Registered: 2007-05-07
Posts: 58

Re: A few questions about passwd

This bug isn't reproduced in Slax (all works as expected), so I've created a bug report: http://bugs.archlinux.org/task/10744

Offline

Board footer

Powered by FluxBB